@okta/oidc-middleware@4.5.1 vulnerabilities
OpenId Connect middleware for authorization code flows
- latest version: 5.4.0
- latest non vulnerable version:
- first published: 7 years ago
- latest version published: 19 days ago
- licenses detected: >=0
Direct Vulnerabilities
Known vulnerabilities in the @okta/oidc-middleware package. This does not include vulnerabilities belonging to this package’s dependencies.
Vulnerability | Vulnerable Version |
---|---|
@okta/oidc-middleware is an OpenId Connect middleware for authorization code flows. Affected versions of this package are vulnerable to Open Redirect, allowing an attacker to redirect a user to an arbitrary URL. To exploit this vulnerability, an attacker would need to send a victim a malformed URL containing a target server that they control. Once the user successfully completes the login process, the victim would then be redirected to the attacker-controlled site. How to fix Open Redirect? Upgrade | <5.0.0 |